Non-secure electronic devices are very widespread. Some of them derive their value from the fact that they are highly personalizable, that is to say it is possible to load therein all kinds of software for fulfilling the most diverse functions, which confers on them great flexibility. However, this requires opening up a large number of interfaces of the non-secure electronic device, to enable the largest possible number of third parties to develop the most varied possible software. By thus opening up the interfaces (that is to say the possible accesses), possibilities of abuse are also opened up. Making the interfaces secure often proves to be extremely constraining in the current state of knowledge, and therefore sometimes the wealth of functionalities is sometimes favored to the detriment of security. As a corollary, there exist numerous ways of violating the security of such non-secure electronic devices. For example, it is possible, with some of them, to load viruses, Trojan horses, spyware or all kinds of malware. There exists for example malware designed to intercept the keystrokes made on a keyboard of the non-secure electronic device and to spy on them or even (in addition) to modify them.
There also exists malware designed to take control of a screen of the non-secure electronic device and to display something other than what the electronic device is supposed to display. These various items of malware thus make it possible to intercept passwords and to modify transactions without the user of the non-secure electronic device being aware of it. A person making a bank transfer may thus think (on the basis of his keystrokes and the display) that he has made a transfer of a certain amount to a certain account, whereas the malware has in reality made a much higher transfer to another account (that of the attacker for example).
Installing a secure electronic circuit within a non-secure electronic circuit is known. This aims in particular to protect various tasks performed by the non-secure electronic device.
Reserving part of a screen of the non-secure electronic device for the secure electronic circuit is in particular known. Thus only the secure electronic circuit can display information in this part of the screen, and the user of the non-secure electronic device has thus the certainty that what is displayed in this screen part comes from the secure electronic circuit (rather than, for example, a virus directly controlling the screen). This solution does however require making this part of the screen unavailable for normal use, which is extremely detrimental in many situations.
Integrating a dedicated light emitting diode (hereinafter LED) in the non-secure electronic device, the LED being controlled solely by the secure electronic circuit, and having the LED switched on by the secure electronic circuit when the latter takes control of the screen, is also known. The user thus knows when what is displayed on the screen comes from this circuit. This solution does however require providing this LED, which gives rise to an additional cost (in terms of hardware), which is not always acceptable.
Finally, carrying out an authentication by means for example of a password (PIN code, secret phrase, etc.) previously recorded is known. However, the user is not in a position to know whether the authentication is taking place via a secure connection by the secure electronic circuit or via a false connection established for example by a virus.
Thus EP 1952297 A2 discloses a method for the authentication, by a user, of a secure operating mode of an information system comprising means for presenting information to the user, means for the entry of data by the user and storage means.
U.S. Pat. No. 7,302,585B1, EP 1056014 A1 and EP 1181645 A1 for their part disclose a data processing system comprising a secure display processor distinct from the main processor of the system. The secure display processor interacts with a chip card in order to extract and display a secure image.